<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');
/*

*/

class UMS_Session extends CI_Session {


  function UMS_Session()
  {
    parent::CI_Session();
    // Authenticate
    $this->_authenticate();
   
    // Update session
    $this->_update();
    // trap direction
    $this->_trap();
    // trap
    // Send HTML Headers
    $this->CI->output->set_header("HTTP/1.0 200 OK");
    $this->CI->output->set_header("HTTP/1.1 200 OK");
    $this->CI->output->set_header("Expires: Sat, 1 Jan 2005 00:00:00 GMT");
    $this->CI->output->set_header("Last-Modified: ".gmdate( "D, d M Y H:i:s")."GMT");
    $this->CI->output->set_header("Cache-Control: no-store, no-cache, must-revalidate");
    $this->CI->output->set_header("Cache-Control: post-check=0, pre-check=0");
    $this->CI->output->set_header("Pragma: no-cache");
  }
  
  function _authenticate()
  {
    // if user is logging in...
    if( !$this->CI->input->post('flag') == "ums_auth" ) return false;
 
    if( !$session_id = $this->userdata( 'session_id' ) ) {
      $this->_login();
    }

    if ( !( $username = $this->CI->input->post('ums_username') ) || !( $password = $this->CI->input->post('ums_password') ) ) {
      $this->_login();
    }

    $CI =& get_instance();
    $CI->load->model('Ums');
    if( !is_array($UMS_User = $CI->Ums->authenticate($username, $password)) ) {
      $this->_login();
    }

    if( !($CI->Ums->session_update_data($session_id, $UMS_User)) ) {
      $this->_login();
    }
    
    $this->set_userdata('username', $UMS_User['username']); 
    $this->set_userdata('role_id', $UMS_User['user_role_id']); 
    $this->set_userdata('group_id', $UMS_User['user_group_id']); 
    //$this->set_userdata('profile_status', $UMS_User['profile_status']); 
    $this->set_userdata('ums', $CI->Ums->get_user_details_cache($username) ); 
    
    $CI->Ums->user_logs($username, 'log-in', "User log-in.");
    redirect('./');
  }

  function _login()
  {
    redirect('/home/login');
  }

  function _update()
  {

    // Update this session
    $CI =& get_instance();
    $CI->load->model('Ums');

    //if( !$this->userdata('session_id') ) $this->_login();

    if( !$session_id = $this->userdata('session_id') ) {
      //$this->_login();
      return false;
    }
    if( !$CI->Ums->session_update( $session_id ) ) {
      //$this->_login(); 
      return false;
    }
    $CI->Ums->delete_old_session( $session_id ); 
    return true;
  }
  
  // Trap the controller or actions
  function _trap()
  {
    $seg1 = $this->CI->uri->segment(1);
    $seg2 = $this->CI->uri->segment(2);
    $seg3 = $this->CI->uri->segment(3);
    $seg4 = $this->CI->uri->segment(4);
    
    // Check if the user if accessing other page while not yet logged-in
    if( !( trim($this->userdata('username')) ) && ( $seg1!='home' && $seg2!='login' ) ) {
      $this->_login();
    }
    
    // The user is accessing log-in page
    if( $seg1 == 'home' && $seg2 == 'login' ) {
      //$CI =& get_instance();
      //$CI->load->model('Ums');
      //$CI->Ums->logout(); 
      $this->sess_destroy();
      $this->sess_create();
      return true;
    }
    
    if( !trim($this->userdata('username')) ) {
      die('ERROR:Login');
    }
    
    if( $seg1 == '' && $seg2 == '' ) return true;
    if( $seg1 == 'home' && preg_match( "/(|login|account|profile|notifications)/", $seg2) ) return true;
    if( $seg1 == 'home' && preg_match( "/(ping|js|changepassword)/", $seg2) ) return true;
    if( $seg1 == 'home' && $seg2 == 'login' ) return true;

    // We can place the ACL rules here...

    $CI =& get_instance();
    $CI->load->model('Ums');
    $MODULES = $CI->Ums->_get_modules($this->userdata('role_id'));
    
    foreach ( $MODULES as $module ) {
      if ( ( $module['method'] === $seg1 ) && ( $module['sub_method'] === $seg2 ) ) {
        if ( $module[$seg3] === '1' ) {
          $privilege = true;
          break;
        }
      }
    }
    
    if (!$privilege ) {
      //$this->set_userdata('popupmsg', 'You are not allowed to access this page. Please contact your System Administrator for assistance.');
      if( preg_match( "/(xml|json|js)/",  $CI->uri->uri_string() ) ) {
        die('ERROR:Login');
      }
    }

    
  }

  function get_menu_list()
  {
    $CI =& get_instance();
    $CI->load->model('Ums');
    return $CI->Ums->get_menu_list_js($this->userdata('username'), $this->userdata('role_id') ); 
  }  

} //end of UMS_Session class
